This message was deleted.

That's a bit vague. what Azure service do you want to use for running the containers? https://azure.microsoft.com/en-us/products/category/containers

I have about 6 containers, that are in a private Azure registry. I can't seem to work out how to modify the existing example Go code, to specify what the registry credentials are?

I'd recommend using system assigned identities on the App runtime side. If you're using App Services as a runtime for your containers that would be configured by: • Setting the

Identity

parameter to

SystemAssigned

in

web.*NewWebApp*

so that the App Service has a managed identity which can be authorized to pull from the Registry • Under SiteConfig on the App Service resource Set

AcrUseManagedIdentityCreds

to

pulumi.*Bool*(true)

so that the App Service knows you want to use managed ID for authenticating against the registry • Then create a Role Assignment to assign the

AcrPull

role to the managed identity. Sharing the Python code I use for that - which you could adjust to work in your Go project - see docs for authorization.RoleAssignment

def webapp_acrpull_role(name, web_app, registry):
    """Add identity to registry allowing web app to pull images"""
    return (
        authorization.RoleAssignment(
            name,
            principal_id=web_app.identity.principal_id,
            principal_type="ServicePrincipal",
            role_definition_id="/providers/Microsoft.Authorization/roleDefinitions/7f951dda-4ed3-4680-a7ca-43fe172d538d",
            scope=registry.id,
            opts=pulumi.ResourceOptions(
                parent=web_app, ignore_changes=["principal_id"]
            ),
        )
        if registry is not None
        else None
    )

Sorry, I'm not sure I understand. My containers are all self contained as either running node or a .net api and they have exposed ports?